WO2016058304A1 - Password input method and system based on two-stage conversion - Google Patents

Password input method and system based on two-stage conversion Download PDF

Info

Publication number
WO2016058304A1
WO2016058304A1 PCT/CN2015/072711 CN2015072711W WO2016058304A1 WO 2016058304 A1 WO2016058304 A1 WO 2016058304A1 CN 2015072711 W CN2015072711 W CN 2015072711W WO 2016058304 A1 WO2016058304 A1 WO 2016058304A1
Authority
WO
WIPO (PCT)
Prior art keywords
symbol
password
symbols
input
basic symbol
Prior art date
Application number
PCT/CN2015/072711
Other languages
French (fr)
Chinese (zh)
Inventor
桑永朋
Original Assignee
桑永朋
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 桑永朋 filed Critical 桑永朋
Priority to US14/913,211 priority Critical patent/US20160292402A1/en
Publication of WO2016058304A1 publication Critical patent/WO2016058304A1/en
Priority to US15/671,111 priority patent/US10032015B2/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/36User authentication by graphic or iconic representation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82Protecting input, output or interconnection devices
    • G06F21/83Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof

Definitions

  • the invention belongs to the field of computer information security, and particularly relates to a password input method and system based on two-level conversion.
  • the present invention provides a password input method and system based on two-level conversion, in which a layer of intermediate symbols is added between a user password symbol and an actual input symbol, so that the actual input symbol and The password symbol is not a simple one-to-one correspondence.
  • the user no longer directly inputs the original password symbol, but inputs the symbol according to the randomly generated correspondence, which effectively prevents the peek and crack of the password.
  • the present invention provides a password input method based on two-level conversion, a package Including the following steps:
  • the intermediate basic symbol corresponding to the symbol position of the current password to be input is first searched in the secondary association, and then the original basic symbol corresponding to the intermediate basic symbol position is queried in the primary association. , the user inputs the original basic symbol that is queried, and completes the input operation of the currently composed password to form a symbol;
  • the original basic symbol is any one or combination of letters, numbers, special characters, Chinese characters, graphics, and images.
  • the intermediate basic symbol is any one or combination of letters, numbers, special characters, Chinese characters, graphics, and images.
  • the original basic symbol is different from the intermediate basic symbol.
  • the original basic symbol is a letter or a number or a combination of a letter and a number
  • the intermediate basic symbol is a special character or a graphic or an image or a combination of the three.
  • first-level association and the second-level association establish a one-to-one correspondence of positions according to a sequence or a matrix.
  • a password input system based on two-level conversion comprising:
  • a first module configured to use a password composition symbol as the original basic symbol, and randomly select the same intermediate basic symbol for the same;
  • a second module for randomly sorting the original basic symbols and the intermediate basic symbols, respectively, to sort
  • the intermediate intermediate symbol and the original basic symbol are in one-to-one correspondence according to the spatial positional relationship, forming a first-level association
  • the third module is configured to re-sort the original basic symbol and the intermediate basic symbol separately, and respectively re-sort the intermediate basic symbol and the original basic symbol according to the spatial position relationship to form a second-level association;
  • the fourth module is configured to form a symbol for the current password to be input, first querying, in the secondary association, an intermediate basic symbol corresponding to the symbol position of the current password to be input, and then querying, in the primary association, the location corresponding to the intermediate basic symbol position.
  • the original basic symbol the user inputs the original basic symbol that is queried, and completes the input operation of the currently formed password to form a symbol;
  • the fifth module is used to repeat the second module to the fourth module until all the password constituent symbols are input.
  • a layer of intermediate symbols is added between the user password symbol and the actual input symbol to establish a two-pole association of the original basic symbol - the intermediate basic symbol, the intermediate basic symbol - the original basic symbol.
  • the user's final input depends on the randomly generated association table, and the association table changes each time a password symbol is entered.
  • the last actual input using the keyboard may be any combination of symbols.
  • One of the biggest advantages of doing this is that it can prevent shoulder sneak, because each time you enter a password, there will be a different association table, which can't be remembered by ordinary people in a short time. And thus generated a diversified correspondence table for the user to enter the key.
  • Changing the traditional single key input method to a random symbol diversification association table is a secure password input scheme.
  • Figure 1 is a flow chart of the method of the present invention.
  • FIG. 2 is a schematic diagram of Example 1, wherein FIG. 2(a) is a schematic diagram of an input keyboard of the ATM of Example 1, and FIG. 2(b) is a schematic diagram of an intermediate basic symbol selected by the example 1, FIG. 2(c) and FIG. 2(d)
  • FIG. 2(c) and FIG. 2(d) The schematic diagram of the first-level association relationship of the example 1; FIG. 2(e) and FIG. 2(f) are the second-level association relationship of the example 1.
  • FIG. 3 is a schematic diagram of the example 2, wherein FIG. 3(a) is a schematic diagram of an input keyboard of the ATM of the example 2, FIG. 3(b) is a schematic diagram of an intermediate basic symbol selected by the example 2, and FIG. 3(c) is a level of the example 2; Schematic diagram of the association relationship; Figure 3 (d) is a schematic diagram of the secondary association relationship of the example 2.
  • FIG. 4 is a schematic diagram of an example 3, wherein FIG. 4(a) is a schematic diagram of an input keyboard of the ATM of the example 3, FIG. 4(b) is a schematic diagram of an intermediate basic symbol selected by the example 3, and FIG. 4(c) is a level of the third embodiment. Schematic diagram of the association relationship; Figure 4 (d) is a schematic diagram of the secondary association relationship of the example 3.
  • the present invention provides a password input method based on two-level conversion, which is specifically:
  • the internal resolution of the password is the inverse of the user input, according to the user's input,
  • the user password is finally determined by querying the real character in the first level association and the second level association.
  • the original basic symbol constituting the password may be a letter, a number, a special character, a Chinese character, a graphic/image, or the like, or may be a combination of a letter, a number, a special character, a Chinese character, a graphic, and an image; the intermediate basic symbol may be a letter , numbers, special characters, Chinese characters, graphics, images, etc., can also be a combination of letters, numbers, special characters, Chinese characters, graphics, images.
  • the letters are English letters, Latin letters, Greek letters, etc., the numbers are 0, 1, 2, 3, etc., and the special characters are punctuation marks, mathematical operators, tabs, etc., and the graphics/images are Arbitrary visual graphics (such as rectangles, diamonds, triangles, circles, etc.) and images (such as images of human bodies or their parts, images of natural objects such as mountains, water, trees, animals, etc., artificial objects such as cars, boats, airplanes, tables and chairs) image).
  • the original basic symbol and the intermediate basic symbol are not reused as much as possible.
  • the intermediate basic symbol adopt special characters, complicated graphics/images, etc., to improve the anti-peeping ability when the password is input.
  • the first-level association and the second-level association may correspond to a positional relationship such as a sequence position or a matrix position.
  • the technical idea of the present invention it can be extended to three-level association, four-level association, and even more layers as needed, and the more layers, the higher the complexity and security of password input.
  • the password input method of the present invention can be applied to various occasions where a password is required to obtain a corresponding service, including an ATM machine password, an online banking password, an access password, an important file encryption password, an email password, and the like.
  • Figure 2 (a) is the input interface of ATM, you can enter a number from 0 to 9. As shown in Fig. 2(b), this example selects a total of 10 letters a to j as intermediate basic symbols. Assuming the user password is "123941", the first level conversion relationship is displayed on the screen. As shown in Figures 2(c) and 2(d), the second-order conversion relationship is displayed as shown in Figures 2(e) and 2(f).
  • Figure 3 (a) is the input interface of the ATM, which can input numbers from 0 to 9; as shown in Figure 3 (b), this example selects 10 animal patterns as intermediate basic symbols.
  • the first-level conversion relationship is displayed on the screen as shown in Fig. 3(c), and the second-level conversion relationship is displayed as shown in Fig. 3(d).
  • the user password is "123941”. If the user wants to input the number "1”, first find the intermediate basic symbol corresponding to its position according to the secondary correspondence table shown in Figure 3(d), and then according to Figure 3(c)
  • the first level correspondence table finds the original basic symbol "7" corresponding to the intermediate basic symbol position, and he should operate the number "7" key on the ATM keyboard.
  • the system After the input, the user continues to want to enter the number "2", the system automatically generates a new look-up table, input in the same way. For the sake of simplicity, it is assumed that the association table corresponding to the six inputs is the same as the first time, and finally the password input from the keyboard should be "765437".
  • Figure 4 (a) is the input interface of the ATM, which can input numbers from 0 to 9; as shown in Figure 4 (b), this example selects 10 combinations of words, letters and graphics to form the intermediate basic symbols.
  • the first-level conversion relationship is displayed on the screen as shown in Fig. 4(c), and the second-level conversion relationship is displayed as shown in Fig. 4(d).
  • the user password is "123941” if the user wants to enter a number "1”

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Input From Keyboards Or The Like (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Document Processing Apparatus (AREA)
  • User Interface Of Digital Computer (AREA)

Abstract

A password input method based on two-stage conversion, particularly as follows: (1) taking password composition symbols as original basic symbols, and randomly selecting intermediate basic symbols therefor; (2) randomly ordering the original basic symbols and the intermediate basic symbols respectively and making same in one-to-one correspondence according to a spatial position relationship to form first-stage correlation; (3) randomly re-ordering the original basic symbols and the intermediate basic symbols again respectively and making same in one-to-one correspondence according to the spatial position relationship to form second-stage correlation; (4) with regard to a current password composition symbol to be input, querying an original basic symbol corresponding thereto according to the second-stage correlation first and then the first-stage correlation so as to complete an input operation on the current password composition symbol to be input; and (5) repeating steps (2)-(4) until the input of all the password composition symbols is completed. The method can be well adapted to a currently and widely used password input environment, and can effectively avoid a password stealing problem at the same time, thereby improving the security during password input.

Description

一种基于两级转换的口令输入方法及系统Password input method and system based on two-level conversion 【技术领域】[Technical Field]
本发明属于计算机信息安全领域,具体涉及一种基于两级转换的口令输入方法及系统。The invention belongs to the field of computer information security, and particularly relates to a password input method and system based on two-level conversion.
【背景技术】【Background technique】
长久以来,在密码认证系统当中,人们使用最广泛的密码形式是字母和数字密码,即通过一组字母和数字的组合作为密码,通过向系统或他人提交这个密码以达到证明自己身份的目的。然而,在方便快捷的同时,它也面临很多问题。通常出于安全性的考虑,系统会要求用户使用强密码。强密码的特点是密码位数相对较长,使用大小写字母、数字和一些特殊符号的组合,密钥空间大,不易被暴力破解。但是用户为了使用和记忆方便,往往会倾向缩短密码长度或使用熟悉的密码。这就给密码的安全性带来了致命的问题,攻击者们常常能通过包括暴力破解、字典攻击等在内的各种方法破解用户的密码,窃取他人的各种信息。D.Klein指出,使用一个包含3000000单词的字典即可以破解14000个密码当中的1/4。E.Spafford也指出,仅使用1988UNIX在线字典再加432个单词作为字典,即可破解50%网站的密码。现在的计算机速度越来越快,使得更为复杂的攻击字典可以轻松的应用于密码破解中,破解速度不断缩短。For a long time, among the password authentication systems, the most widely used forms of passwords are alphanumeric passwords, that is, a combination of letters and numbers as a password, which is used to prove identity by submitting the password to the system or others. However, it is also facing many problems while it is convenient and fast. Usually for security reasons, the system will require users to use strong passwords. Strong passwords are characterized by a relatively long number of passwords, using a combination of uppercase and lowercase letters, numbers, and some special symbols. The key space is large and is not easily brute-forced. However, users tend to shorten the password length or use familiar passwords in order to use and remember. This brings a fatal problem to the security of passwords. Attackers often crack the user's password and steal other people's information through various methods including brute force attack and dictionary attack. D. Klein pointed out that using a dictionary containing 3000000 words can crack 1/4 of 14,000 passwords. E. Spafford also pointed out that using only the 1988 UNIX online dictionary plus 432 words as a dictionary can crack the password of 50% of the website. Today's computers are getting faster and faster, making more complex attack dictionaries easy to use in password cracking, and the speed of cracking is shortening.
【发明内容】[Summary of the Invention]
针对现有技术的以上缺陷或改进需求,本发明提供一种基于两级转换的口令输入方法及系统,在用户口令符号和实际输入符号之间加入了一层中间符号,使得实际输入的符号和口令符号不是简单的一一对应关系,用户不再直接输入原始密码符号,而是依据随机生成的对应关系输入符号,有效防止了对口令的偷窥和破解。In view of the above defects or improvement requirements of the prior art, the present invention provides a password input method and system based on two-level conversion, in which a layer of intermediate symbols is added between a user password symbol and an actual input symbol, so that the actual input symbol and The password symbol is not a simple one-to-one correspondence. The user no longer directly inputs the original password symbol, but inputs the symbol according to the randomly generated correspondence, which effectively prevents the peek and crack of the password.
为实现上述目的,本发明提供一种基于两级转换的口令输入方法,包 括以下步骤:To achieve the above object, the present invention provides a password input method based on two-level conversion, a package Including the following steps:
(1)将口令组成符号作为原始基本符号,并为其随机选取数量相同的中间基本符号;(1) Using the password composition symbol as the original basic symbol, and randomly selecting the intermediate basic symbols of the same number;
(2)分别随机排序原始基本符号和中间基本符号,将排序后的中间基本符号与原始基本符号按照空间位置关系一一对应,形成一级关联;(2) randomly sorting the original basic symbols and the intermediate basic symbols respectively, and sequentially matching the sorted intermediate basic symbols with the original basic symbols according to the spatial position relationship to form a first-level association;
(3)再次分别重新随机排序原始基本符号和中间基本符号,将重新排序后的中间基本符号与原始基本符号按照空间位置关系一一对应,形成二级关联;(3) re-sorting the original basic symbol and the intermediate basic symbol separately, and respectively re-sorting the intermediate basic symbol and the original basic symbol in a one-to-one correspondence according to the spatial position relationship to form a secondary association;
(4)对于当前待输入口令组成符号,首先在二级关联中查询与当前待输入口令组成符号位置对应的中间基本符号,然后在一级关联中查询与该中间基本符号位置对应的原始基本符号,用户输入查询到的原始基本符号,完成当前待输入口令组成符号的输入操作;(4) For the current password to be input, the intermediate basic symbol corresponding to the symbol position of the current password to be input is first searched in the secondary association, and then the original basic symbol corresponding to the intermediate basic symbol position is queried in the primary association. , the user inputs the original basic symbol that is queried, and completes the input operation of the currently composed password to form a symbol;
(5)重复步骤(2)~(4)直到所有口令组成符号输入完毕。(5) Repeat steps (2) to (4) until all password constituent symbols have been entered.
进一步地,所述原始基本符号为字母、数字、特殊字符、汉字、图形和图像中的任意一种或组合。Further, the original basic symbol is any one or combination of letters, numbers, special characters, Chinese characters, graphics, and images.
进一步地,所述中间基本符号为字母、数字、特殊字符、汉字、图形和图像中的任意一种或组合。Further, the intermediate basic symbol is any one or combination of letters, numbers, special characters, Chinese characters, graphics, and images.
进一步地,所述原始基本符号与中间基本符号不相同。Further, the original basic symbol is different from the intermediate basic symbol.
进一步地,所述原始基本符号为字母或数字或字母与数字的组合,所述中间基本符号为特殊字符或图形或图像或该三者组合。Further, the original basic symbol is a letter or a number or a combination of a letter and a number, and the intermediate basic symbol is a special character or a graphic or an image or a combination of the three.
进一步地,所述一级关联和二级关联按照序列或者矩阵建立位置一一对应关系。Further, the first-level association and the second-level association establish a one-to-one correspondence of positions according to a sequence or a matrix.
一种基于两级转换的口令输入系统,包括:A password input system based on two-level conversion, comprising:
第一模块,用于将口令组成符号作为原始基本符号,并为其随机选取数量相同的中间基本符号;a first module, configured to use a password composition symbol as the original basic symbol, and randomly select the same intermediate basic symbol for the same;
第二模块,用于分别随机排序原始基本符号和中间基本符号,将排序 后的中间基本符号与原始基本符号按照空间位置关系一一对应,形成一级关联;a second module for randomly sorting the original basic symbols and the intermediate basic symbols, respectively, to sort The intermediate intermediate symbol and the original basic symbol are in one-to-one correspondence according to the spatial positional relationship, forming a first-level association;
第三模块,用于再次分别重新随机排序原始基本符号和中间基本符号,将重新排序后的中间基本符号与原始基本符号按照空间位置关系一一对应,形成二级关联;The third module is configured to re-sort the original basic symbol and the intermediate basic symbol separately, and respectively re-sort the intermediate basic symbol and the original basic symbol according to the spatial position relationship to form a second-level association;
第四模块,用于对于当前待输入口令组成符号,首先在二级关联中查询与当前待输入口令组成符号位置对应的中间基本符号,然后在一级关联中查询与该中间基本符号位置对应的原始基本符号,用户输入查询到的原始基本符号,完成当前待输入口令组成符号的输入操作;The fourth module is configured to form a symbol for the current password to be input, first querying, in the secondary association, an intermediate basic symbol corresponding to the symbol position of the current password to be input, and then querying, in the primary association, the location corresponding to the intermediate basic symbol position. The original basic symbol, the user inputs the original basic symbol that is queried, and completes the input operation of the currently formed password to form a symbol;
第五模块,用于重复第二模块~第四模块直到所有口令组成符号输入完毕。The fifth module is used to repeat the second module to the fourth module until all the password constituent symbols are input.
总体而言,通过本发明所构思的以上技术方案与现有技术相比,具有以下有益效果:In general, the above technical solutions conceived by the present invention have the following beneficial effects compared with the prior art:
在用户口令符号和实际输入符号之间加入了一层中间符号,进而建立原始基本符号-中间基本符号、中间基本符号-原始基本符号的两极关联。用户最终的输入依赖于随机生成的关联表,每输入一个口令符号,关联表就会改变一次。对于一个确定的密钥,最后实际使用键盘输入的可能是任何组合的符号。这样做的一个最大好处就是可以防止肩窥,因为每次输入口令都会有一张不一样的关联表,短时间内一般人无法记住。并由此生成了多元化的对应表便于用户输入密钥。将传统单一的密钥输入方式改变为具有随机性的符号多元化关联表,是一种安全的密码输入方案。A layer of intermediate symbols is added between the user password symbol and the actual input symbol to establish a two-pole association of the original basic symbol - the intermediate basic symbol, the intermediate basic symbol - the original basic symbol. The user's final input depends on the randomly generated association table, and the association table changes each time a password symbol is entered. For a certain key, the last actual input using the keyboard may be any combination of symbols. One of the biggest advantages of doing this is that it can prevent shoulder sneak, because each time you enter a password, there will be a different association table, which can't be remembered by ordinary people in a short time. And thus generated a diversified correspondence table for the user to enter the key. Changing the traditional single key input method to a random symbol diversification association table is a secure password input scheme.
【附图说明】[Description of the Drawings]
图1是本发明方法流程图。Figure 1 is a flow chart of the method of the present invention.
图2为实例1示意图,其中,图2(a)为实例1的ATM的输入键盘示意图,图2(b)为实例1选取的中间基本符号示意图,图2(c)和图2(d)为实例1的一级关联关系示意图;图2(e)和图2(f)为实例1的二级关联关系 示意图。2 is a schematic diagram of Example 1, wherein FIG. 2(a) is a schematic diagram of an input keyboard of the ATM of Example 1, and FIG. 2(b) is a schematic diagram of an intermediate basic symbol selected by the example 1, FIG. 2(c) and FIG. 2(d) The schematic diagram of the first-level association relationship of the example 1; FIG. 2(e) and FIG. 2(f) are the second-level association relationship of the example 1. schematic diagram.
图3为实例2示意图,其中,图3(a)为实例2的ATM的输入键盘示意图,图3(b)为实例2选取的中间基本符号示意图,图3(c)为实例2的一级关联关系示意图;图3(d)为实例2的二级关联关系示意图。3 is a schematic diagram of the example 2, wherein FIG. 3(a) is a schematic diagram of an input keyboard of the ATM of the example 2, FIG. 3(b) is a schematic diagram of an intermediate basic symbol selected by the example 2, and FIG. 3(c) is a level of the example 2; Schematic diagram of the association relationship; Figure 3 (d) is a schematic diagram of the secondary association relationship of the example 2.
图4为实例3示意图,其中,图4(a)为实例3的ATM的输入键盘示意图,图4(b)为实例3选取的中间基本符号示意图,图4(c)为实例3的一级关联关系示意图;图4(d)为实例3的二级关联关系示意图。4 is a schematic diagram of an example 3, wherein FIG. 4(a) is a schematic diagram of an input keyboard of the ATM of the example 3, FIG. 4(b) is a schematic diagram of an intermediate basic symbol selected by the example 3, and FIG. 4(c) is a level of the third embodiment. Schematic diagram of the association relationship; Figure 4 (d) is a schematic diagram of the secondary association relationship of the example 3.
【具体实施方式】【detailed description】
为了使本发明的目的、技术方案及优点更加清楚明白,以下结合案例,对本发明进行进一步详细说明。应当理解,此处所描述的具体实施例仅仅用以解释本发明,并不用于限定本发明。此外,下面所描述的本发明各个实施方式中所涉及到的技术特征只要彼此之间未构成冲突就可以相互组合。In order to make the objects, technical solutions and advantages of the present invention more comprehensible, the present invention will be further described in detail below. It is understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention. Further, the technical features involved in the various embodiments of the present invention described below may be combined with each other as long as they do not constitute a conflict with each other.
参见图1,本发明提供一种基于两级转换的口令输入方法,具体为:Referring to FIG. 1, the present invention provides a password input method based on two-level conversion, which is specifically:
(1)获取组成口令的原始基本符号,并为其随机选取数量相同的中间基本符号;(1) Obtaining the original basic symbols constituting the password, and randomly selecting the intermediate basic symbols of the same number;
(2)分别随机排序原始基本符号和中间基本符号,将排序后的中间基本符号与原始基本符号按照空间位置关系一一对应,形成一级关联;(2) randomly sorting the original basic symbols and the intermediate basic symbols respectively, and sequentially matching the sorted intermediate basic symbols with the original basic symbols according to the spatial position relationship to form a first-level association;
(3)再次分别重新随机排序原始基本符号和中间基本符号,将重新排序后的中间基本符号与原始基本符号按照空间位置关系一一对应,形成二级关联;(3) re-sorting the original basic symbol and the intermediate basic symbol separately, and respectively re-sorting the intermediate basic symbol and the original basic symbol in a one-to-one correspondence according to the spatial position relationship to form a secondary association;
(4)对于当前待输入符号,首先在二级关联中查询与当前待输入字符位置对应的中间基本符号,然后在一级关联中查询与该中间基本符号位置对应的原始基本符号,用户输入查询到的原始基本符号;(4) For the currently-to-be-entered symbol, first query the intermediate basic symbol corresponding to the current character position to be input in the second-level association, and then query the original basic symbol corresponding to the intermediate basic symbol position in the first-level association, and the user inputs the query. The original basic symbol to;
(5)重复步骤(2)~(4)直到组成口令的所有符号输入完毕。(5) Repeat steps (2) to (4) until all the symbols constituting the password have been input.
系统内部对口令的解析就是对用户输入的逆过程,根据用户的输入, 按照先一级关联、再二级关联中查询到真实的字符最终确定用户口令。The internal resolution of the password is the inverse of the user input, according to the user's input, The user password is finally determined by querying the real character in the first level association and the second level association.
所述组成口令的原始基本符号可以是字母、数字、特殊字符、汉字、图形/图像等,也可以是字母、数字、特殊字符、汉字、图形、图像的组合;所述中间基本符号可以是字母、数字、特殊字符、汉字、图形、图像等,也可以是字母、数字、特殊字符、汉字、图形、图像的组合。所述字母为英文字母、拉丁字母、希腊字母等,所述数字为0、1、2、3等,所述特殊字符为标点符号、数学运算符、制表符等,所述图形/图像为任意的可视图形(如矩形、菱形、三角形、圆形等)和图像(如人体或其部件图像,山、水、树木、动物等自然物体图像,车、船、飞机、桌椅等人造物体图像)。The original basic symbol constituting the password may be a letter, a number, a special character, a Chinese character, a graphic/image, or the like, or may be a combination of a letter, a number, a special character, a Chinese character, a graphic, and an image; the intermediate basic symbol may be a letter , numbers, special characters, Chinese characters, graphics, images, etc., can also be a combination of letters, numbers, special characters, Chinese characters, graphics, images. The letters are English letters, Latin letters, Greek letters, etc., the numbers are 0, 1, 2, 3, etc., and the special characters are punctuation marks, mathematical operators, tabs, etc., and the graphics/images are Arbitrary visual graphics (such as rectangles, diamonds, triangles, circles, etc.) and images (such as images of human bodies or their parts, images of natural objects such as mountains, water, trees, animals, etc., artificial objects such as cars, boats, airplanes, tables and chairs) image).
考虑突出原始基本符号与中间基本符号的差异性,优选原始基本符号与中间基本符号尽量不重复使用。Considering the difference between the original basic symbol and the intermediate basic symbol, it is preferable that the original basic symbol and the intermediate basic symbol are not reused as much as possible.
遵照目前大量实际应用中口令的组成方式,优选原始基本符号采用字母、数字。In accordance with the current composition of passwords in a large number of practical applications, it is preferred that the original basic symbols adopt letters and numbers.
结合到人对非常见对象的短时记忆差的特点,优选中间基本符号采用特殊字符、复杂的图形/图像等,以提高口令输入时的抗偷窥能力。Combined with the characteristics of short-term memory difference of the object to the uncommon object, it is preferred that the intermediate basic symbol adopt special characters, complicated graphics/images, etc., to improve the anti-peeping ability when the password is input.
所述一级关联和二级关联中可以按照例如序列位置或者是矩阵位置等位置关系对应。The first-level association and the second-level association may correspond to a positional relationship such as a sequence position or a matrix position.
遵照本发明技术思路,可根据需要扩展为三级关联、四级关联,甚至更多层的关联,层次越多,口令输入复杂性和安全性越高。According to the technical idea of the present invention, it can be extended to three-level association, four-level association, and even more layers as needed, and the more layers, the higher the complexity and security of password input.
本发明口令输入方法可应用于各类需要提供口令才能获取相应服务的场合,包括ATM机口令、网银口令、门禁口令、重要文件加密口令、电子邮箱口令等。The password input method of the present invention can be applied to various occasions where a password is required to obtain a corresponding service, including an ATM machine password, an online banking password, an access password, an important file encryption password, an email password, and the like.
实例1:Example 1:
下面以ATM机作为实例说明。图2(a)是ATM的输入界面,可以输入0~9的数字。如图2(b)所示,此实例选取a~j共10个字母作为中间基本符号。假定用户口令是“123941”,在屏幕上将第一级转换关系显示出来 如图2(c)和2(d)所示,将第二级转换关系显示出来如图2(e)和2(f)所示。如果用户想输入数字“1”,首先根据图2(e)和2(f)所示的二级对应表找到其位置对应的中间基本符号“a”,然后根据图2(c)和2(d)所示的一级对应表找到与“a”位置对应的原始基本符号“7”,所以用户应该操作ATM键盘上的数字“7”键。输入之后,用户继续想输入数字“2”,则系统自动生成新的关联关系对照表,按照相同的方式输入。为了简单示意,这里假定六次输入对应的关联关系对照表均与第一次相同,则最后从键盘输入的口令应该是“765437”。ATM机在系统内部对口令的解析就是对用户输入的逆过程,根据用户的输入,按照先一级关联、再二级关联中查询到真实的字符最终确定用户口令。The following uses an ATM machine as an example. Figure 2 (a) is the input interface of ATM, you can enter a number from 0 to 9. As shown in Fig. 2(b), this example selects a total of 10 letters a to j as intermediate basic symbols. Assuming the user password is "123941", the first level conversion relationship is displayed on the screen. As shown in Figures 2(c) and 2(d), the second-order conversion relationship is displayed as shown in Figures 2(e) and 2(f). If the user wants to enter the number "1", first find the intermediate basic symbol "a" corresponding to its position according to the secondary correspondence table shown in Figures 2(e) and 2(f), and then according to Figures 2(c) and 2 ( d) The first-level correspondence table shown finds the original basic symbol "7" corresponding to the "a" position, so the user should operate the number "7" key on the ATM keyboard. After the input, the user continues to want to enter the number "2", then the system automatically generates a new relationship comparison table, input in the same way. For the sake of simplicity, it is assumed that the association table corresponding to the six inputs is the same as the first time, and finally the password input from the keyboard should be "765437". The analysis of the password by the ATM machine inside the system is the reverse process of the user input. According to the input of the user, the user password is finally determined according to the first level association and the second level association to the real character.
实例2:Example 2:
图3(a)是ATM的输入界面,可以输入0~9的数字;如图3(b)所示,此实例选取10个动物图案作为中间基本符号。在屏幕上将第一级转换关系显示出来如图3(c)所示,将第二级转换关系显示出来如图3(d)所示。假定用户口令是“123941”,如果用户想输入数字“1”,首先根据图图3(d)所示的二级对应表找到其位置对应的中间基本符号,然后根据图3(c)所示的一级对应表找到与中间基本符号位置对应的原始基本符号“7”,他应该操作ATM键盘上的数字“7”键。输入之后,用户继续想输入数字“2”,则系统自动生成新的对照表,按照相同的方式输入。为了简单示意,这里假定六次输入对应的关联关系对照表均与第一次相同,则最后从键盘输入的口令应该是“765437”。Figure 3 (a) is the input interface of the ATM, which can input numbers from 0 to 9; as shown in Figure 3 (b), this example selects 10 animal patterns as intermediate basic symbols. The first-level conversion relationship is displayed on the screen as shown in Fig. 3(c), and the second-level conversion relationship is displayed as shown in Fig. 3(d). Assume that the user password is "123941". If the user wants to input the number "1", first find the intermediate basic symbol corresponding to its position according to the secondary correspondence table shown in Figure 3(d), and then according to Figure 3(c) The first level correspondence table finds the original basic symbol "7" corresponding to the intermediate basic symbol position, and he should operate the number "7" key on the ATM keyboard. After the input, the user continues to want to enter the number "2", the system automatically generates a new look-up table, input in the same way. For the sake of simplicity, it is assumed that the association table corresponding to the six inputs is the same as the first time, and finally the password input from the keyboard should be "765437".
实例3:Example 3:
图4(a)是ATM的输入界面,可以输入0~9的数字;如图4(b)所示,此实例选取10个由文字、字母和图形混合组成为中间基本符号。在屏幕上将第一级转换关系显示出来如图4(c)所示,将第二级转换关系显示出来如图4(d)所示。假定用户口令是“123941”,如果用户想输入数字 “1”,首先根据图3(d)所示的二级对应表找到其位置对应的中间基本符号“A”,然后根据图3(c)所示的一级对应表找到与中间基本符号位置对应的原始基本符号“7”,他应该操作ATM键盘上的数字“7”键。输入之后,用户继续想输入数字“2”,则系统自动生成新的对照表,按照相同的方式输入。为了简单示意,这里假定六次输入对应的关联关系对照表均与第一次相同,则最后从键盘输入的口令应该是“765437”。Figure 4 (a) is the input interface of the ATM, which can input numbers from 0 to 9; as shown in Figure 4 (b), this example selects 10 combinations of words, letters and graphics to form the intermediate basic symbols. The first-level conversion relationship is displayed on the screen as shown in Fig. 4(c), and the second-level conversion relationship is displayed as shown in Fig. 4(d). Assume that the user password is "123941" if the user wants to enter a number "1", first find the intermediate basic symbol "A" corresponding to its position according to the secondary correspondence table shown in Fig. 3 (d), and then find the intermediate basic symbol position according to the first-level correspondence table shown in Fig. 3 (c) Corresponding to the original basic symbol "7", he should operate the number "7" key on the ATM keyboard. After the input, the user continues to want to enter the number "2", the system automatically generates a new look-up table, input in the same way. For the sake of simplicity, it is assumed that the association table corresponding to the six inputs is the same as the first time, and finally the password input from the keyboard should be "765437".
本领域的技术人员容易理解,以上所述仅为本发明的较佳实施例而已,并不用以限制本发明,凡在本发明的精神和原则之内所作的任何修改、等同替换和改进等,均应包含在本发明的保护范围之内。 Those skilled in the art will appreciate that the above description is only a preferred embodiment of the present invention, and is not intended to limit the present invention. Any modifications, equivalent substitutions and improvements made within the spirit and scope of the present invention, All should be included in the scope of protection of the present invention.

Claims (7)

  1. 一种基于两级转换的口令输入方法,其特征在于,包括以下步骤:A password input method based on two-level conversion, comprising the following steps:
    (1)将口令组成符号作为原始基本符号,并为其随机选取数量相同的中间基本符号;(1) Using the password composition symbol as the original basic symbol, and randomly selecting the intermediate basic symbols of the same number;
    (2)分别随机排序原始基本符号和中间基本符号,将排序后的中间基本符号与原始基本符号按照空间位置关系一一对应,形成一级关联;(2) randomly sorting the original basic symbols and the intermediate basic symbols respectively, and sequentially matching the sorted intermediate basic symbols with the original basic symbols according to the spatial position relationship to form a first-level association;
    (3)再次分别重新随机排序原始基本符号和中间基本符号,将重新排序后的中间基本符号与原始基本符号按照空间位置关系一一对应,形成二级关联;(3) re-sorting the original basic symbol and the intermediate basic symbol separately, and respectively re-sorting the intermediate basic symbol and the original basic symbol in a one-to-one correspondence according to the spatial position relationship to form a secondary association;
    (4)对于当前待输入口令组成符号,首先在二级关联中查询与当前待输入口令组成符号位置对应的中间基本符号,然后在一级关联中查询与该中间基本符号位置对应的原始基本符号,用户输入查询到的原始基本符号,完成当前待输入口令组成符号的输入操作;(4) For the current password to be input, the intermediate basic symbol corresponding to the symbol position of the current password to be input is first searched in the secondary association, and then the original basic symbol corresponding to the intermediate basic symbol position is queried in the primary association. , the user inputs the original basic symbol that is queried, and completes the input operation of the currently composed password to form a symbol;
    (5)重复步骤(2)~(4)直到所有口令组成符号输入完毕。(5) Repeat steps (2) to (4) until all password constituent symbols have been entered.
  2. 根据权利要求1所述的口令输入方法,其特征在于,所述原始基本符号为字母、数字、特殊字符、汉字、图形和图像中的任意一种或组合。The password input method according to claim 1, wherein the original basic symbol is any one or a combination of letters, numbers, special characters, Chinese characters, graphics, and images.
  3. 根据权利要求1所述的口令输入方法,其特征在于,所述中间基本符号为字母、数字、特殊字符、汉字、图形和图像中的任意一种或组合。The password input method according to claim 1, wherein the intermediate basic symbol is any one or a combination of letters, numbers, special characters, Chinese characters, graphics, and images.
  4. 根据权利要求1或2或3所述的口令输入方法,其特征在于,所述原始基本符号与中间基本符号不相同。The password input method according to claim 1 or 2 or 3, wherein the original basic symbol is different from the intermediate basic symbol.
  5. 根据权利要求1或2或3所述的口令输入方法,其特征在于,所述原始基本符号为字母或数字或字母与数字的组合,所述中间基本符号为特殊字符或图形或图像或该三者组合。The password input method according to claim 1 or 2 or 3, wherein the original basic symbol is a letter or a number or a combination of a letter and a number, and the intermediate basic symbol is a special character or a graphic or an image or the three Combination.
  6. 根据权利要求1或2或3所述的口令输入方法,其特征在于,所述一级关联和二级关联按照序列或者矩阵建立位置一一对应关系。 The password input method according to claim 1 or 2 or 3, wherein the first-level association and the second-level association establish a one-to-one correspondence of positions according to a sequence or a matrix.
  7. 一种基于两级转换的口令输入系统,其特征在于,包括:A password input system based on two-level conversion, comprising:
    第一模块,用于将口令组成符号作为原始基本符号,并为其随机选取数量相同的中间基本符号;a first module, configured to use a password composition symbol as the original basic symbol, and randomly select the same intermediate basic symbol for the same;
    第二模块,用于分别随机排序原始基本符号和中间基本符号,将排序后的中间基本符号与原始基本符号按照空间位置关系一一对应,形成一级关联;a second module is configured to randomly sort the original basic symbols and the intermediate basic symbols respectively, and respectively match the sorted intermediate basic symbols with the original basic symbols according to the spatial position relationship to form a first-level association;
    第三模块,用于再次分别重新随机排序原始基本符号和中间基本符号,将重新排序后的中间基本符号与原始基本符号按照空间位置关系一一对应,形成二级关联;The third module is configured to re-sort the original basic symbol and the intermediate basic symbol separately, and respectively re-sort the intermediate basic symbol and the original basic symbol according to the spatial position relationship to form a second-level association;
    第四模块,用于对于当前待输入口令组成符号,首先在二级关联中查询与当前待输入口令组成符号位置对应的中间基本符号,然后在一级关联中查询与该中间基本符号位置对应的原始基本符号,用户输入查询到的原始基本符号,完成当前待输入口令组成符号的输入操作;The fourth module is configured to form a symbol for the current password to be input, first querying, in the secondary association, an intermediate basic symbol corresponding to the symbol position of the current password to be input, and then querying, in the primary association, the location corresponding to the intermediate basic symbol position. The original basic symbol, the user inputs the original basic symbol that is queried, and completes the input operation of the currently formed password to form a symbol;
    第五模块,用于重复第二模块~第四模块直到所有口令组成符号输入完毕。 The fifth module is used to repeat the second module to the fourth module until all the password constituent symbols are input.
PCT/CN2015/072711 2014-10-13 2015-02-11 Password input method and system based on two-stage conversion WO2016058304A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
US14/913,211 US20160292402A1 (en) 2014-10-13 2015-02-11 Password input method and system based on two-stage conversion
US15/671,111 US10032015B2 (en) 2014-10-13 2017-08-07 Password input method based on a two-stage conversion and a system using thereof

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201410537714.6A CN104298905B (en) 2014-10-13 2014-10-13 A kind of password input method based on two-stage conversion and system
CN201410537714.6 2014-10-13

Related Child Applications (2)

Application Number Title Priority Date Filing Date
US14/913,211 A-371-Of-International US20160292402A1 (en) 2014-10-13 2015-02-11 Password input method and system based on two-stage conversion
US15/671,111 Continuation-In-Part US10032015B2 (en) 2014-10-13 2017-08-07 Password input method based on a two-stage conversion and a system using thereof

Publications (1)

Publication Number Publication Date
WO2016058304A1 true WO2016058304A1 (en) 2016-04-21

Family

ID=52318628

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/072711 WO2016058304A1 (en) 2014-10-13 2015-02-11 Password input method and system based on two-stage conversion

Country Status (3)

Country Link
US (1) US20160292402A1 (en)
CN (1) CN104298905B (en)
WO (1) WO2016058304A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114373257A (en) * 2021-12-21 2022-04-19 日立楼宇技术(广州)有限公司 Card for calling elevator by visitor, and calling elevator system, calling elevator method and calling elevator device

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104298905B (en) * 2014-10-13 2015-08-19 桑永朋 A kind of password input method based on two-stage conversion and system
CN106570386B (en) * 2015-10-09 2020-09-29 中兴通讯股份有限公司 Touch screen unlocking method and system

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101064601A (en) * 2006-04-26 2007-10-31 资通电脑股份有限公司 Method for authenticating character graph
CN101183941A (en) * 2007-08-03 2008-05-21 廖睿 Random concealed inquiry type cipher authentication technique
CN101477606A (en) * 2009-01-22 2009-07-08 李东声 Dynamic password implementation method, server and electronic signature tool
WO2012131420A1 (en) * 2011-03-31 2012-10-04 Infosys Limited System and method for utilizing a dynamic virtual keyboard
CN103186944A (en) * 2012-01-02 2013-07-03 杜建钢 Peeping-proof password input method
CN103679448A (en) * 2013-11-29 2014-03-26 天地融科技股份有限公司 Password inputting method and password inputting system
CN104298905A (en) * 2014-10-13 2015-01-21 桑永朋 Password input method and system based on two-stage conversion

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5717760A (en) * 1994-11-09 1998-02-10 Channel One Communications, Inc. Message protection system and method
GB201106943D0 (en) * 2011-04-27 2011-06-01 Burkill Vance Improvements in or relating to password generation, recall and protection

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101064601A (en) * 2006-04-26 2007-10-31 资通电脑股份有限公司 Method for authenticating character graph
CN101183941A (en) * 2007-08-03 2008-05-21 廖睿 Random concealed inquiry type cipher authentication technique
CN101477606A (en) * 2009-01-22 2009-07-08 李东声 Dynamic password implementation method, server and electronic signature tool
WO2012131420A1 (en) * 2011-03-31 2012-10-04 Infosys Limited System and method for utilizing a dynamic virtual keyboard
CN103186944A (en) * 2012-01-02 2013-07-03 杜建钢 Peeping-proof password input method
CN103679448A (en) * 2013-11-29 2014-03-26 天地融科技股份有限公司 Password inputting method and password inputting system
CN104298905A (en) * 2014-10-13 2015-01-21 桑永朋 Password input method and system based on two-stage conversion

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114373257A (en) * 2021-12-21 2022-04-19 日立楼宇技术(广州)有限公司 Card for calling elevator by visitor, and calling elevator system, calling elevator method and calling elevator device
CN114373257B (en) * 2021-12-21 2023-06-20 日立楼宇技术(广州)有限公司 Card for calling elevator by visitor, elevator calling system, method and device

Also Published As

Publication number Publication date
CN104298905B (en) 2015-08-19
CN104298905A (en) 2015-01-21
US20160292402A1 (en) 2016-10-06

Similar Documents

Publication Publication Date Title
US11516210B1 (en) Image-based authentication systems and methods
US9813409B2 (en) Method of dynamically adapting a graphical password sequence by executing computer-executable instructions stored on a non-transitory computer-readable medium
US9171147B2 (en) Process and system for strengthening password security
CN108292992A (en) Using key and derive parameter progress password generation
WO2016058304A1 (en) Password input method and system based on two-stage conversion
US9888036B2 (en) Message sending device, message receiving device, message checking method, and recording medium
CN107665298A (en) Password generation system and method based on figure
Yao et al. Graph theory towards designing graphical passwords for mobile devices
Lashkari et al. A new algorithm on Graphical User Authentication (GUA) based on multi-line grids
Din et al. Traid-bit embedding process on Arabic text steganography method
Suo A design and analysis of graphical password
Sahu et al. Survey on various techniques of user authentication and graphical password
Din et al. The Design Review of Feature-based Method in Embedding the Hidden Message in Text as the Implementation of Steganography
Lashkari et al. A complete comparison on pure and cued recall-based graphical user authentication algorithms
Masrom et al. Pure and cued recall-based graphical user authentication
Stainbrook et al. Convenience or strength? Aiding optimal strategies in password generation
US10032015B2 (en) Password input method based on a two-stage conversion and a system using thereof
Rao et al. A study of various graphical passwords authentication schemes using ai hans peter wickelgren approach
Mohamad et al. Image based authentication using zero-knowledge protocol
Gao et al. Usability and security of the recall-based graphical password schemes
Al-Husainy et al. Using Emoji Pictures to Strengthen the Immunity of Passwords against Attackers
CN112329003A (en) Method and system for generating safe and easy-to-remember password
CN106657016A (en) Illegal user name recognition method and system
Sreelatha et al. Intrusion prevention by image based authentication techniques
Ankush et al. Authentication scheme for shoulder surfing using graphical and pair based scheme

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 14913211

Country of ref document: US

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15851149

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15851149

Country of ref document: EP

Kind code of ref document: A1